| | | 20,000+ Fresh Resumes Monthly | |
|
|
| |
Click here or scroll down to respond to this candidatePROFESSIONAL SUMMARY:Technical skillsInformation Security, Identity access management (IAM) and identity lifecycle management, Window platform Active directory and exchange servers access provisioning and deprovisioning, Access certification, Access tier and PBL review, Audit queries responses, Risk management, Strategic management, SOC Tier 1 and Tier 2 vulnerability assessment,management and threat analysis, Access controls, Incident management, RBAC methodology, supporting the infrastructure Segregation of duties, AWS SDLC, Change Management, Project coordination Service-quality, RACF, IT Service continuity, Information security risk assessment, Data Integrity guidelines, Understanding of ITIL Service Support, Implementing security policy SailPoint testing project, Service now, EMCT tools, Remedy toolInterpersonal skillsExcellent interpersonal, organizational, verbal and written communication skillsCandidate's Name
Conflict ResolutionLeadership skillsExcellent teamwork, Active team playerCollaborationEmotional intelligence.PositivityCritical thinkingMentorshipPROFESSIONAL ExperienceUSA (2022 June to Present)Information Security AnalystResponsibilitiesHandling the incident queue and prioritizing based on the business requirement, Working on service now requests and raising change requests for bulk processing, Regularly working with the application team to get the stale feeds updated, Regular follow up for access certification closure to avoid security breaches, Regularly reviewing and updating the access control criteria for the applications with the required approvals from the LOB heads, Working on the RCAF to analyze the access permission, Planning, implementing and maintaining software systems through SDLC, Executing the application attestation campaigns, Working on IAM tool provisioning and deprovisioning, Outlining the KPIs, reporting and documentation, Segregation of duties based on the teams availability and project requirement, Identity governance and Privilege access management, regularly conducting the review with the application teams to identify the role-based access and submitting the delete requests to eliminate the risks associated with the privilege access, Analyzing the reconciliation reports for orphan accounts and entitlements and working with the respective team to get the ownership transferred with the necessary approvals, Access provisioning, deprovisioning, Planning and executing Information Security Training and Awareness plans and activities. Bulk provisioning in the test environment and production as necessary. Regularly performing the health check and report review for business continuity. Remediation of risks by working with the business to design, implement to improve control activities to achieve Information Security objectives.Projects Handled1.Certification simplification project. (Have achieved the target of getting 2lakh entitlements access level tier reduced from high to low and changed the PBL description updated which in turn remediated risk associated.2.Scope of ACT Exception Oversight The ACT Exception Oversight Process is established to provide monitoring and tracking progress and timely resolution of uncertifiable items requiring remediation that are captured and presented on ACT Exception Reports. The reports include Certified Owner Cannot be Identified, Supplied Data Insufficient to Certify, and Inactive Users with Active Accounts. This oversight will allow the IAM Certifications team to identify trends, provide visibility of issues where uncertifiable items are spiking and/or not being resolved, and escalate when needed to attain resolution. In this effort, an oversight tool was introduced in Q4,2023 which reduced manual effort in notifying and escalating to responsible teams. Now all subsequent Past Due Notices, (if necessary), will be sent from the Oversight tool to the administration team with a copy to the administration team manager.2015 May- June 2022Senior Technology Operations Analyst (AVP)RESPONSIBILITIES:Contextualized data risk assessment based on the specifics of the data, access and identities in the organization. Providing solutions for governing access to data. Integrate and use the data. Executing the change management, the team mainly dealt with Access provisioning and de- provisioning of wholesale banking domain applications via ART and IAM tools, Monitoring the mailbox for access requests from ASIA PAC region, providing home drive and shared folder access, Creation of Active directory accounts and raising RC requests to create and modify mailbox based on users specifications. Communicating with the application teams, end users and handling the escalations. Create reports and dashboard to provide metrics for operations team. Ensuring to get SOP documents updated as per the latest procedures followed by the team. Ensuring Quality and SLA. Working using AWS Security concepts.Roles performed as SME for Access certification TeamWorking as Team lead for Access certification team (Cyber Security LOB)Handling all certification issues, first point of contact for all certification related escalations across APAC region, Report generation, Co-ordination with the US team, Process documentation, Executing the certification on ACT, AIMS and EMCT tools, Hands on experience in main frame platform provision deprovision of access on RCAF, Working with application teams and data centers to fetch the data files for manual certifications uploading the data files well within the given deadlines. Handling SODs within the team. Incident Handling, Co Ordination with the application owners to get the feed failures corrected in timely manner. Training the new team members. Handling the audit queries both internal and external and providing evidence. Assigning the delegates to complete the certifications tasks in absence of owners. Working with executive assistants and following up for timely closure of certifications. Scheduling the application attestation process and follow up to closure. Scheduling the change requests to get bulk certification completion at the back end by engineering team. Regular follow up and scheduling meetings with application and administration team to get the exception items remediated.Projects handled-1.ACT On Demand - The implementation of OnDemand certifications will leverage existing ACT components where possible. OnDemand certifications introduce manual tasks that diverge from ACTs core processing and controls. The OnDemand capability in ACT will implement additional process controls for the sources using OnDemand certifications to help reduce data integrity issues and inadvertent data corruption. In this effort, out of 76, 47 applications have been migrated from EMCT to ACT On Demand, thus reducing execution Data files manually to perform periodic certification.2.AIMS tool testing- Preparing the test script to test the functionality of tool in Production and lower environments.3.SailPoint testing- I was part of SailPoint onboarding testing team.Access reconciliation Team-Was part of un certifiable new project. Have successfully completed the KT from onsite team.Prepared training documents for each plat5form.Worked on multiple platforms in un certifiable team.Providing root cause analysis on escalated issues.Deletion of users, Delegation of Rights, Security GroupsAttended training sessions for reconciliation project.Updating the process documents as per new updates.Scheduling weekly meetings with the stateside manager and providing updates. Filling up the process gaps as per new updates.ACTIVE DIRECTORY Team-Managing user accounts, groups and controlling access rights using Active Directory.Managing and revoking user profiles, credentials throughout the user lifecycle.Add/change access for associates, employees, and authorized agents upon receiving authorized approval.Creation of home drive and mapping of home drive to users profile.Delete/remove access for terminated employees and authorized agents as required.User rights and ID Management.Creation & Deletion of users, Delegation of Rights, Security GroupsTroubleshooting to fix the access issues.(April 2011-Dec 2014)Security Delivery Specialist (UAM)Understanding of ITIL Service Support areas with focus mainly on Incident and Change Management. Ensure the best possible levels of Service-quality, IT Service continuity and availability is maintained. Chase/follow up for customers with the IBM teams for updates on incident and change request and driving for fixes within Service Level Agreement. Efficient management of Incident and Change ticket queue. Handling level 2 support activities on Active Directory, Pushing software packages through Active Directory. Hands on experience in Troubleshooting of issues related to Network, Wireless Profiles, Blackberry, Printer, MS Outlook, and MS Excel. Understanding and usage of ticketing tool BMC Remedy. Managing user accounts, groups and controlling access rights using Active Directory. Managing and revoking user profiles, credentials throughout the user lifecycle. Add/change access for associates, client employees, and authorized agents based on information owners' approval. Deletes/removes access for terminated employees and authorized agents as required. User rights and ID Management. Creation & Deletion of users, Delegation of Rights, Security Groups, Distribution Groups, Managing Mailboxes. Providing root cause analysis on escalated tickets. Working in coordination with teams like Intel, Exchange, and help customers in resolving the issues. Understanding and usage of ticketing tool Maximo. Handling/Attending the client call and interacting with various technical teams and updating and resolving the escalations on priority. A secondary role was part of project co-ordination.(Jan 2010-Dec 2010)Customer support executiveRESPONSIBILITIESWorked as customer support executive. Handling the queries from Microsoft windows and offices products usersHandling the software activation processEDUCATION:Bachelor of Engineering in Computer Science, |
